search

ellaisys / aws-cognito

AWS Cognito package (with MFA Feature) using the AWS SDK for PHP/Laravel
https://ellaisys.github.io/aws-cognito/
MIT License
110 stars 41 forks source link

Verification Email not receiving #26

Closed hafsalmetvr closed 2 years ago

hafsalmetvr commented 2 years ago

I used the package and follow the steps in documentation to register new users. It is successfully registered but my user is not receiving verification email. When i checked UserPool via console, it seems like user's email is already verified. I think that is the reason why my user is not receiving verification email link via email

I have configured UserPool for receiving email verification link

When i checked package code, i found we are forcefully setting email_verified as true in the file src/AwsCognitoClient.php

       //Force validate email
        if ($attributes['email']) {
            $attributes['email_verified'] = 'true';
        }

I doubt this is the reason why i am not receiving verification email. I don't want any user got automatically verified

Any suggestions?

amitdhongde commented 2 years ago

Hi, The attributes have no relevance to sending the emails.

Not sure, if you are using the Cognito default mail provider or AWS SES. I shall upload a Cognito configuration document in the next couple of days... you may use that.

I've also uploaded a demo application and hosted the same too. Please check the code.

Regards

hafsalmetvr commented 2 years ago

Hi @amitdhongde

Thank you for reply.

I am using Cognito default mail provider. Also i am receiving a welcome email with password But verification email (with link to verify email) is not receiving

I thought if attribute setting true will cause auto verification of email address and will not receive verification email message

I will check your demo code anyway

Thanks Again

amitdhongde commented 2 years ago

Hi @hafsalmetvr, Do You mean the Cognito email with the verification link? If yes, we have faced that issue for over a year now into the production release. Need to check if that is an AWS SDK issue or not.

hafsalmetvr commented 2 years ago

Hi @hafsalmetvr, Do You mean the Cognito email with the verification link? If yes, we have faced that issue for over a year now into the production release. Need to check if that is an AWS SDK issue or not.

@amitdhongde Yes, i said verification email with link. When a user just register, New user account's email in Cognito should be in "Not Verified" status and then user should receive a verification email with link, So that user will click on the link to verify his email

but in my case, When i checked new user in Cognito, its email address is already verified when a user just created only. And i initially thought its happening because we are setting the param $attributes['email_verified'] = 'true'; and that is why i am not receiving verification email

amitdhongde commented 2 years ago

Hi @hafsalmetvr, Do You mean the Cognito email with the verification link? If yes, we have faced that issue for over a year now into the production release. Need to check if that is an AWS SDK issue or not.

@amitdhongde Yes, i said verification email with link. When a user just register, New user account's email in Cognito should be in "Not Verified" status and then user should receive a verification email with link, So that user will click on the link to verify his email

but in my case, When i checked new user in Cognito, its email address is already verified when a user just created only. And i initially thought its happening because we are setting the param $attributes['email_verified'] = 'true'; and that is why i am not receiving verification email

@hafsalmetvr The verification email is sent for forgot password, and not account activation. To mimic that functionality, you may use the Cognito triggers from the console and call an appropriate lambda function. In the meanwhile, we will surely parameterize the flag and pick it from the configuration file.

hafsalmetvr commented 2 years ago

@amitdhongde I am saying about Cognito User Signup flow, We can configure Cognito for Email/Phone verification. So that once user signup, they will not be able to login until they verify their email.

(Cognito will trigger forgot password email only if the email is verified)

https://docs.aws.amazon.com/cognito/latest/developerguide/signing-up-users-in-your-app.html.

The doc says about email verification process on SignUp flow

hafsalmetvr commented 2 years ago

@amitdhongde Issue got fixed when i used AwsCognitoClient->register() method instead of AwsCognitoClient->inviteUser()

Now i am receiving a verification email with link. Once i click on the link new user will be activated in Cognito

inviteUser() method is using AWS adminCreateUser api , when creating new user with adminCreateUser API, Cognito won't sent verification email

Thank you

amitdhongde commented 2 years ago

@hafsalmetvr Got it. Thank you for using this library.

amitdhongde commented 2 years ago

This fix/feature is released today and now new user email auto verification is configurable from environment variables. Refer the latest release (tag 1.0.5)

rahulmakwana5291 commented 1 year ago

@hafsalmetvr Thank you - Using register() method fixed the issue for me as well !

@amitdhongde Your package works out of the box - I have personally used this package while working with you and I have used this package for other projects as well - Thanks.